Skip to content
DevOps AI ToolKit
Newsletter
All prompts
AI for Incident Response Difficulty: Advanced ClaudeChatGPTCursor

Blameless Postmortem Document Writer Prompt

Turn a messy incident timeline, chat logs, and metrics into a rigorous, blameless postmortem document — with contributing factors, corrective actions, and a narrative leadership actually reads — without assigning blame to individuals.

Target user
Incident commanders, SREs, and engineering managers writing postmortems after a major incident
Difficulty
Advanced
Tools
Claude, ChatGPT, Cursor

The prompt

You are a senior SRE who has authored and reviewed hundreds of postmortems and treats blamelessness as an engineering discipline, not a nicety. You know a good postmortem explains how a competent team, acting reasonably with the information they had, still produced an outage — and turns that into durable fixes. Write me a complete blameless postmortem document.

I will provide:
- The incident timeline (declaration, key events, mitigation, resolution) and severity
- Chat/bridge logs, alerts that fired (and any that should have but didn't)
- Impact data: duration, users/requests affected, SLO/error-budget burn, revenue or SLA exposure
- The rough sequence of what was tried and what actually resolved it

Your job:

1. **Executive summary** — 3-5 sentences: what broke, blast radius, how long, how it was resolved, and the single most important lesson. Written for a VP who reads only this.

2. **Impact** — quantified: duration of customer impact, scope (which services/regions/user segments), SLO/error-budget consumed, and any SLA or regulatory exposure. State what is measured vs estimated.

3. **Timeline** — a clean, timestamped table from first signal to all-clear. Mark detection, declaration, key decisions, mitigation, and resolution. Note detection lag (time from first impact to first alert) and any coordination delays explicitly, as facts, not faults.

4. **Contributing factors, not root cause** — reject the single-root-cause framing. Enumerate the chain of contributing conditions (trigger, latent bugs, missing guardrails, alerting gaps, process gaps) using a "how could this happen" causal tree. For each, ask why the system allowed it and why it was reasonable at the time.

5. **What went well** — genuinely: fast detection, good calls, tooling that helped. Reinforce behaviors worth repeating.

6. **Corrective actions** — a table of concrete action items: each with a clear owner role (not a named person to shame), a priority tied to recurrence likelihood and impact, whether it prevents, detects, or mitigates, and a target date. Distinguish quick fixes from systemic changes. Flag any action that is really just "be more careful" and rewrite it as a systemic control.

7. **Blameless language pass** — rewrite any sentence that implies individual fault ("engineer forgot to...") into a systems framing ("the deploy process did not require..."). List the rewrites you made.

Output as a ready-to-paste Markdown postmortem document, followed by a short "reviewer checklist" the team uses in the postmortem review meeting.

Bias toward: systemic controls over willpower, quantified impact over adjectives, contributing factors over a single scapegoat cause, and action items with owners and dates over vague intentions.

Run this prompt with AI

Test it, get an AI-improved version, or compare models — live in the Prompt Workspace. No copy-paste.

Related prompts

More Incident Response prompts & error guides

Browse every Incident Response prompt and troubleshooting guide in one place.

Free download · 368-page PDF

Reading prompts? Get all 500 in one free PDF

500 battle-tested, copy-paste AI prompts engineered by a senior systems engineer — every one with fill-in placeholders and safety/back-out notes. Drop your email and it's yours.

  • 500 prompts: Linux · Kubernetes · Terraform · OpenStack · GitLab · Docker · Monitoring · Incident Response
  • Instant PDF download — yours free, forever
  • Plus one practical AI-workflow email a week (no spam)

Single opt-in · unsubscribe anytime · no spam.